Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
business one vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2022-31593
SAP Business One client - version 10.0 allows an attacker with low privileges, to inject code that can be executed by the application. An attacker could thereby control the behavior of the application.
Sap Business One 10.0
NA
CVE-2023-41365
SAP Business One (B1i) - version 10.0, allows an authorized malicious user to retrieve the details stack trace of the fault message to conduct the XXE injection, which will lead to information disclosure. After successful exploitation, an attacker can cause limited impact on the ...
Sap Business One 10.0
NA
CVE-2023-37487
SAP Business One (Service Layer) - version 10.0, allows an authenticated attacker with deep knowledge perform certain operation to access unintended data over the network which could lead to high impact on confidentiality with no impact on integrity and availability of the applic...
Sap Business One 10.0
NA
CVE-2022-35292
In SAP Business One application when a service is created, the executable path contains spaces and isn’t enclosed within quotes, leading to a vulnerability known as Unquoted Service Path which allows a user to gain SYSTEM privileges. If the service is exploited by adversari...
Sap Business One 10.0
NA
CVE-2023-33993
B1i module of SAP Business One - version 10.0, application allows an authenticated user with deep knowledge to send crafted queries over the network to read or modify the SQL data. On successful exploitation, the attacker can cause high impact on confidentiality, integrity and av...
Sap Business One 10.0
2.1
CVSSv2
CVE-2021-33662
Under certain conditions, the installation of SAP Business One, version - 10.0, discloses sensitive information on the file system allowing an malicious user to access information which would otherwise be restricted.
Sap Business One 10.0
4.6
CVSSv2
CVE-2021-33700
SAP Business One, version - 10.0, allows a local attacker with access to the victim's browser under certain circumstances, to login as the victim without knowing his/her password. The attacker could so obtain highly sensitive information which the attacker could use to take ...
Sap Business One 10.0
NA
CVE-2023-39437
SAP business One allows - version 10.0, allows an malicious user to insert malicious code into the content of a web page or application and gets it delivered to the client, resulting to Cross-site scripting. This could lead to harmful action affecting the Confidentiality, Integri...
Sap Business One 10.0
4.3
CVSSv2
CVE-2018-2460
SAP Business One Android application, version 1.2, does not verify the certificate properly for HTTPS connection. This allows malicious user to do MITM attack.
Sap Business One 1.2
6.8
CVSSv2
CVE-2016-6256
SAP Business One for Android 1.2.3 allows remote malicious users to conduct XML External Entity (XXE) attacks via crafted XML data in a request to B1iXcellerator/exec/soap/vP.001sap0003.in_WCSX/com.sap.b1i.vplatform.runtime/INB_WS_CALL_SYNC_XPT/INB_WS_CALL_SYNC_XPT.ipo/proc, aka ...
Sap Business One 1.2.3
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »